Target is suddenly aptly named. The chain has just announced that hackers may have gotten up to 40 million credit card numbers, right in the middle of holiday shopping.
Unfortunately, the breach is both wide and expansive. Here’s what happened, according to Target itself:
The unauthorized access may impact guests who made credit or debit card purchases in our U.S. stores from Nov. 27 to Dec. 15, 2013. …We have determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code).
Yeeeee-ah, this is bad. The breach may be up to 40 million cards, thanks to the fact that it’s the holidays and people are busy buying stuff for their families. Especially vulnerable are debit cards, which you have to watch like a hawk or otherwise you’re out the cash.
What’s not clear is how the breach happened, whether it was a raid on Target’s servers or a mass installation of skimmers, which have become disturbingly convincing over the last few years. Target claims to be investigating internally, which will have to do for now.
For now, if you’ve shopped at a Target recently, keep an eye on your credit card. If you’re really paranoid, you can also get a new one issued, although that’s something of a process. And if you used your debit card, and it’s remotely possible, just cancel it and have a new one issued. Better safe than sorry.